The Internet represents enormous potential for commercial opportunity. It is widely used and has grown to a point where a large portion of the commerce of the world is transacted online. Unfortunately, with the growth in use and acceptance of the Internet, the rate of Internet-based crime has also increased. Incidents resulting from the lack of effective security on the Internet are rapidly growing in number.
Content spoofing is a common attack technique employed to trick a user into believing that content appearing on a website is legitimate and not from an external source. A hacker or other malicious agent can present a fake or modified website to the user as if it were legitimate. The intent is, typically, to defraud victims although sometimes the purpose is simply to misrepresent an organization or an individual. Content spoofing can result in exploiting an established trust relationship between a computer user and an organization.
An Internet user can be easily lured to view spoofed content by links posted in e-mails, bulletin-board postings and/or chat-room transmissions. These spoofing attempts can be foiled if a user is trained to recognize spoofed content and refrains from clicking links in such postings. However, in some cases, a hacker may modify the information and the links in an established website by altering the content on the server of a legitimate concern. This mode of content spoofing is more difficult to detect because the casual Internet user cannot tell whether the page is legitimate or not.
Phishing attacks are a type of content spoofing technique wherein a hacker attempts to fraudulently acquire sensitive information related to the user, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing can have a huge negative impact on organizations' revenues, customer relationships, marketing efforts and overall corporate image. The damage caused by phishing ranges from loss of access to email to substantial financial loss. Phishing attacks can cost companies huge amounts in fraud-related losses as well as personnel time.
Traditional approaches to avoid these attacks include managing a list of content-spoofed sites and verifying that the requested URL (Uniform Resource Locator) does not belong to this list. However, with this approach, the list must be updated continuously whenever a new spoofed site is detected.
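The list-based check described above, and the update gap it leaves, can be sketched as follows. This is an added example, not code from the original text; the host names, `SPOOFED_HOSTS`, `canonical_host` and `is_listed` are constructed for illustration, and matching on parent domains is an assumption about how such a list is applied.

```python
from urllib.parse import urlsplit

# Constructed sample list of hosts already reported as spoofed (not real indicators).
SPOOFED_HOSTS = {"login.bank-example.test", "secure-pay.example.invalid"}


def canonical_host(url):
    """Return the host the request would go to, normalised for list lookup."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = parts.hostname or ""      # drops userinfo and port, lowercases the host
    host = host.rstrip(".")          # "example.test." names the same host
    try:
        host = host.encode("idna").decode("ascii")  # Unicode labels -> punycode
    except UnicodeError:
        pass                         # keep the raw host if it cannot be encoded
    return host


def is_listed(url, blocklist):
    """True if the URL's host, or any parent domain of it, is on the list."""
    labels = canonical_host(url).split(".")
    return any(".".join(labels[i:]) in blocklist for i in range(len(labels)))


if __name__ == "__main__":
    known = "HTTP://user@LOGIN.Bank-Example.test.:8080/signin"
    # Constructed host standing in for a spoof that has not been reported yet.
    fresh = "http://login.bank-example-verify.test/signin"

    print(is_listed(known, SPOOFED_HOSTS))   # listed despite case, userinfo, port
    print(is_listed(fresh, SPOOFED_HOSTS))   # passes the check: the update gap
    SPOOFED_HOSTS.add(canonical_host(fresh))  # the list update the text refers to
    print(is_listed(fresh, SPOOFED_HOSTS))   # caught only after the update
```
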
Another approach to prevent phishing attacks employs security skins. A security skin is a technique that involves overlaying a user-selected image across a login form as a visual cue to indicate that the form is legitimate. However, this approach requires changes to be made to the web front-end to accommodate new security paradigms and is a cumbersome and tedious process.
Conventional browser-level plug-ins can be employed to avoid phishing attacks, but these cannot detect the attacks instantly: there is always a delay between the time a spoof is detected and the time the system can begin detecting attacks. Thus, the conventional approaches employed to foil phishing attacks can be cumbersome and unreliable.